从Pod连接到其他Pod [英] Connect to other pod from a pod

问题描述

基本上，我有一个Deployment，它会创建3个可自动缩放的容器:PHP-FPM，NGINX和包含应用程序的容器，所有这些容器都设置有机密，服务和入口.该应用程序还在PHP-FPM和NGINX之间共享项目，因此已全部完成.

Basically, i have a Deployment that creates 3 containers which scale automatically: PHP-FPM, NGINX and the container that contains the application, all set up with secrets, services and ingress. The application also share the project between PHP-FPM and NGINX, so it's all set up.

由于我想使用K8s进行更多探索，因此我决定使用Redis创建一个Pod，该Pod也可以安装永久性磁盘(但这并不重要).我还为redis创建了一个服务，如果我通过SSH进入Redis容器并运行redis-cli，则一切工作都很好.

Since i want to explore more with K8s, i decided to create a pod with Redis that also mounts a persistent disk (but that's not important). I have also created a service for redis and all works perfectly fine if i SSH into the Redis container and run redis-cli.

有趣的是，项目无法连接到Redis所在的Pod.我了解到，各个Pod之间的容器共享相同的本地"网络，可以使用localhost进行访问.

The fun part is that the project can't connect to the pod on which Redis is on. I understand that the containers between pods share the same "local" network and they can be accessed using localhost.

如何将我的项目连接到在其他Pod中运行且可独立扩展的Redis服务器? Redis服务出了什么问题?

How do i connect my project to the redis server that is running in other pod, that scales independently? What's wrong with the Redis service?

我的Redis服务是这样的:

My Redis service is this:

apiVersion: v1
kind: Service
metadata:
  name: redis-service
spec:
  ports:
  - port: 6379
    targetPort: 6379
  selector:
    app: redis

我的Redis Pod由部署配置文件提供支持(我不一定会对其进行扩展，但我会期待它):

My Redis pod is powered by a deployment configuration file (i don't necessarily scale it, but i'll look forward into it):

apiVersion: apps/v1
kind: Deployment
metadata:
  name: redis
  labels:
    app: redis
spec:
  selector:
    matchLabels:
      app: redis
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: redis
    spec:
      volumes:
        - name: redis-persistent-volume
          persistentVolumeClaim:
            claimName: redis-pvc
      containers:
        - image: redis:4.0.11
          command: ['redis-server']
          name: redis
          imagePullPolicy: Always
          resources:
            limits:
              cpu: 250m
              memory: 512Mi
            requests:
              cpu: 250m
              memory: 512Mi
          ports:
            - containerPort: 6379
              name: redis
          volumeMounts:
            - name: redis-persistent-volume
              mountPath: /data

此外，当我点击kubectl get service时，Redis服务器具有群集IP:

Also, when i tap into the kubectl get service, the Redis server has a Cluster IP:

NAME            TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
kubernetes      ClusterIP   10.96.0.1       <none>        443/TCP        21h
nginx-service   NodePort    10.100.111.16   <none>        80:30312/TCP   21h
redis-service   ClusterIP   10.99.80.141    <none>        6379/TCP       6s

推荐答案

我如何将我的项目连接到在其他Pod中运行，可独立扩展的Redis服务器?

How do i connect my project to the redis server that is running in other pod, that scales independently?

您在这里有三种可能的状态:

You have three possible states here:

• 要从内部与运行Redis Pod的同一名称空间中运行的其他Pod在内连接到Redis Pod.在这种情况下，您将使用服务名称redis-service并指定服务端口6379以通过其当前的ClusterIP访问该端口(kube-dns正在为您进行DNS解析).我猜您是在要求这种情况.

• To connect to Redis pod from within any other pod running in the same namespace as Redis pod is running. In this case you will use service name redis-service and designates service port 6379 to reach it over it's current ClusterIP (kube-dns is making DNS resolution for you there). I'm guessing that you are asking for this scenario.

• 这里仅是从另一个容器中访问一个容器的示例(在您的情况下).首次运行:

• Here is just an example of accessing one pod from within another pod (in your case). First run:

kubectl run -it --rm test --image=busybox --restart=Never -- sh

这将运行新的测试容器，并在该容器中提供sh.现在，如果您在测试窗格内键入nslookup redis-service，您将检查DNS在各个窗格之间是否正常工作.您也可以尝试使用nc -zv redis-service 6379查看redis端口是否真正打开.如果您的kube-dns工作正常，您应该会看到该端口已打开.

this will run new test pod and give you sh within that pod. Now if you type nslookup redis-service there (within test pod) you will check that DNS is working correctly between pods. You can also try to see if redis port is actually open with nc -zv redis-service 6379. If your kube-dns is working properly you should see that port is opened.

要从内连接到Redis Pod，在同一kubernetes集群中运行，但在不同命名空间中.在这种情况下，您将使用由服务名称和名称空间名称组成的FQDN，如

To connect to Redis pod from within any other pod running in the same kubernetes cluster but in different namespace. In this case you will use FQDN consisting of service name and namespace name like it is given in the documentation.

要从kubernetes集群的外部连接到Redis Pod.在这种情况下，您将需要一些入口之王或类似机制的nodePort才能将redis服务公开给外界.有关此内容的更多信息，请阅读官方文档.

To connect to Redis pod from outside of the kubernetes cluster. In this case you will need some king of ingress, or nodePort of similar mechanism to expose redis service to outside world. More on this you can read in the official documentation.

这篇关于从Pod连接到其他Pod的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！